The National Institute of Standards and Technology (NIST) has released its draft guidelines in regards to telecommuting protocol, a much-needed update to the federal agencies original documents drafted back in 2009.

Highlighted in the updated guidelines for telework protocol is government agencies need to establish virtual mobile infrastructure technologies, where teleworking employees would access network information through customized mobile operating systems hosted on virtual machines, and the intermediate connection is destroyed when the session ends.

According to NIST computer scientist, Murugiah Souppaya, “Organizations are realizing that many data breaches occur when attackers can steal important information from a network by first attacking computer used for telework.”

The draft guidance also encourages agencies to implement mobile device management tools, which would prevent employees from gaining access to networks or sensitive data on devices that don’t fall in line with the established security standards.

The update in NIST documents 800-46 and 800-114 offers solutions to the ever increasingly complex task of safeguarding government agencies as federal agencies shift to adapt the telecommuting trend growing increasingly popular within the private sector. The difficulty in forming a secure telework arrangement is particularly complex for federal employees who work abroad, either from an embassy or elsewhere.

Just last week, the Department of Veterans Affairs Deputy Assistant Inspector, General Brent Arronte, testified during a House Oversight subcommittee that the agency has an inconsistent implementation of security protocol. Among the various security pitfalls highlighted in Arronte’s testimony was an instance where VA employees were given the approval to work with foreign nations, and employees ‘improperly connected to the VA’s network from foreign locations’ without preparations for secure network access and used personal equipment in accessing the agency’s network.

Even within the private sector, many organizations are struggling with the challenge of employees accessing their organizations’ networks remotely.  

Over the year security guidelines like that of NIST and various other initiatives have not been efficiently followed, causing a string of data breaches affecting hundreds of millions of individuals. Best security practices and procedures have been developed for good reason and NNT has been in integral stakeholder in collaborating on security best practices.

Achieving 100% security may seem impossible, but with NNT’s Change Tracker Gen7 your organization will be equipped with best in class solutions like File Integrity Monitoring, Change and Configuration Management, System Hardening & Vulnerability Management, Continuous Compliance and Breach Detection to make your IT estate as secure as possible.

 

Read this article on SC Magazine

 

 

 

NNT Products
USA Offices
New Net Technologies LLC
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
201 17th Street, Suite 300
Atlanta, Georgia, 30363.

Tel: 1-888-898-0674
email [email protected]
UK Office
New Net Technologies LLC
Rivers Lodge
West Common
Harpenden
Hertfordshire
AL5 2JN

Tel: 01582 287310
email [email protected]
Connect
Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
CIS benchmarking SEWP Cybersecurity 500 Sans Institute
Copyright 2017, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.